Trivy Report - Vulnerabilities (2984)
| ruby:3.1 (debian 12.10) | imagemagick | CVE-2025-53014 | 9.8 | 0.02 | CRITICAL | 8:6.9.11.60+dfsg-1.6+deb12u2 | 8:6.9.11.60+dfsg-1.6+deb12u4 | ImageMagick: ImageMagick Heap Buffer Overflow | |||
| ruby:3.1 (debian 12.10) | imagemagick | CVE-2025-53101 | 9.8 | 0.05 | CRITICAL | 8:6.9.11.60+dfsg-1.6+deb12u2 | 8:6.9.11.60+dfsg-1.6+deb12u4 | ImageMagick: ImageMagick Stack Buffer Overflow | |||
| ruby:3.1 (debian 12.10) | imagemagick | CVE-2025-57807 | 9.8 | 0.04 | CRITICAL | 8:6.9.11.60+dfsg-1.6+deb12u2 | 8:6.9.11.60+dfsg-1.6+deb12u4 | imagemagick: ImageMagick BlobStream Forward-Seek Under-Allocation | |||
| ruby:3.1 (debian 12.10) | libaom3 | CVE-2023-6879 | 9.8 | 0.15 | CRITICAL | 3.6.0-1+deb12u1 | aom: heap-buffer-overflow on frame size change | ||||
| ruby:3.1 (debian 12.10) | libopenexr-3-1-30 | CVE-2023-5841 | 9.1 | 0.8 | CRITICAL | 3.1.5-5 | OpenEXR: Heap Overflow in Scanline Deep Data Parsing | ||||
| ruby:3.1 (debian 12.10) | libsqlite3-0 | CVE-2025-6965 | 9.8 | 0.02 | CRITICAL | 3.40.1-2+deb12u1 | 3.40.1-2+deb12u2 | sqlite: Integer Truncation in SQLite | |||
| ruby:3.1 (debian 12.10) | libsqlite3-0 | CVE-2025-7458 | 9.1 | 0.09 | CRITICAL | 3.40.1-2+deb12u1 | sqlite: SQLite integer overflow | ||||
| ruby:3.1 (debian 12.10) | libxml2 | CVE-2024-56171 | 9.8 | 0.04 | CRITICAL | 2.9.14+dfsg-1.3~deb12u1 | 2.9.14+dfsg-1.3~deb12u2 | libxml2: Use-After-Free in libxml2 | |||
| ruby:3.1 (debian 12.10) | libxml2 | CVE-2025-49794 | 9.1 | 0.26 | CRITICAL | 2.9.14+dfsg-1.3~deb12u1 | 2.9.14+dfsg-1.3~deb12u3 | libxml: Heap use after free (UAF) leads to Denial of service (DoS) | |||
| ruby:3.1 (debian 12.10) | libxml2 | CVE-2025-49796 | 9.1 | 0.46 | CRITICAL | 2.9.14+dfsg-1.3~deb12u1 | 2.9.14+dfsg-1.3~deb12u3 | libxml: Type confusion leads to Denial of service (DoS) | |||
| ruby:3.1 (debian 12.10) | zlib1g | CVE-2023-45853 | 9.8 | 0.62 | CRITICAL | 1:1.2.13.dfsg-1 | zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 | ||||
| ruby:3.1 (debian 12.10) | gir1.2-gdkpixbuf-2.0 | CVE-2025-7345 | 7.5 | 0.15 | HIGH | 2.42.10+dfsg-1+deb12u1 | gdk‑pixbuf: Heap‑buffer‑overflow in gdk‑pixbuf | ||||
| ruby:3.1 (debian 12.10) | git | CVE-2025-48384 | 8.1 | 0.74 | HIGH | CISA KEV | 1:2.39.5-0+deb12u2 | git: Git arbitrary code execution | |||
| ruby:3.1 (debian 12.10) | git | CVE-2025-48385 | 8.3 | 0.02 | HIGH | 1:2.39.5-0+deb12u2 | git: Git arbitrary file writes | ||||
| ruby:3.1 (debian 12.10) | icu-devtools | CVE-2025-5222 | 7 | 0.03 | HIGH | 72.1-3 | 72.1-3+deb12u1 | icu: Stack buffer overflow in the SRBRoot::addTag function | |||
| ruby:3.1 (debian 12.10) | imagemagick | CVE-2025-53019 | 7.5 | 0.05 | HIGH | 8:6.9.11.60+dfsg-1.6+deb12u2 | 8:6.9.11.60+dfsg-1.6+deb12u4 | ImageMagick: ImageMagick Memory Leak | |||
| ruby:3.1 (debian 12.10) | imagemagick | CVE-2025-55154 | 8.8 | 0.07 | HIGH | 8:6.9.11.60+dfsg-1.6+deb12u2 | 8:6.9.11.60+dfsg-1.6+deb12u4 | imagemagick: ImageMagick: integer overflows in MNG magnification | |||
| ruby:3.1 (debian 12.10) | imagemagick | CVE-2025-55212 | 7.5 | 0.2 | HIGH | 8:6.9.11.60+dfsg-1.6+deb12u2 | 8:6.9.11.60+dfsg-1.6+deb12u4 | ImageMagick: ImageMagick crash on crafted input | |||
| ruby:3.1 (debian 12.10) | imagemagick | CVE-2025-55298 | 8.8 | 0.39 | HIGH | 8:6.9.11.60+dfsg-1.6+deb12u2 | 8:6.9.11.60+dfsg-1.6+deb12u4 | ImageMagick: ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution | |||
| ruby:3.1 (debian 12.10) | imagemagick | CVE-2025-57803 | 8.8 | 0.07 | HIGH | 8:6.9.11.60+dfsg-1.6+deb12u2 | 8:6.9.11.60+dfsg-1.6+deb12u4 | imagemagick: ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow |